1. Field of the Invention
The invention relates to the field of network security protocol conversion. In particular, the invention relates to the conversion between the Wireless Transport Layer Security and Secure Sockets Layer protocols.
2. Background Information and Description of Related Art
The Wireless Application Protocol (WAP) defines a set of protocols for wireless applications. The Wireless Transport Layer Security (WTLS) is the security layer of the WAP and provides privacy, data integrity, and authentication for WAP services.
WTLS is based on the Transport Layer Security (TLS), a security layer widely used in the Internet, with modifications to accommodate bandwidth, datagram connection, processing power, memory capacity, and cryptography limitations typical in wireless communications.
Secure Sockets Layer (SSL) is a protocol for transmitting private documents via the Internet. Currently, SSL is not directly compatible with WTLS. Hence, it is not possible to convert between WTLS encrypted data and SSL encrypted data without decrypting the data.
The common method of converting between SSL data and WTLS data uses software executing inside a WAP gateway. Wireless messages travel through the air to a carrier's receiver, where they are received and passed to the gateway. If the message is WTLS encrypted, the encrypted message is decrypted, then encrypted using SSL. If the message is SSL encrypted, the encrypted message is decrypted, then encrypted using WTLS. Then, the encrypted message is transmitted out of the gateway.
The data is decrypted and stored in the memory of the WAP gateway temporarily, allowing a period of time when the message is unencrypted and unprotected in the WAP gateway. This creates a security vulnerability. Furthermore, since the conversion is done using software, a considerable amount of CPU resources are consumed and a latency in the response to a client request may be experienced.